Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ykj9_mkhWZuK2ewDDLn1GfhcAM8.roa
File: ykj9_mkhWZuK2ewDDLn1GfhcAM8.roa (raw, json)
Hash identifier: ZNDC9ArDqvJKLcX0wPC9VYE5dZBDMLOkmm+mmcZo4Pk=
Subject key identifier: CA:48:FD:FE:69:21:59:9B:8A:D9:EC:03:0C:B9:F5:19:F8:5C:00:CF
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC50114E81C8E3B3ABC1B9BEA0C97FFBA
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ykj9_mkhWZuK2ewDDLn1GfhcAM8.roa
Signing time: Mon 01 Jan 2024 12:30:31 +0000
ROA not before: Mon 01 Jan 2024 12:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 89.36.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Feb 2024 13:18:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:14:e8:1c:8e:3b:3a:bc:1b:9b:ea:0c:97:ff:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca48fdfe6921599b8ad9ec030cb9f519f85c00cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:fa:d5:68:64:3e:f3:1a:ae:a9:77:84:2b:31:
69:b5:92:9d:6f:04:e4:d1:d3:32:82:e9:21:e6:fd:
d8:03:d4:ff:a5:27:3f:e1:26:e1:a6:f8:f0:82:8e:
23:bb:c6:cc:88:df:65:99:43:79:2a:7b:25:65:c9:
e0:47:a0:c3:7b:0e:82:3c:09:7d:12:74:7d:95:f3:
4b:10:d4:9d:f7:69:81:a3:c5:18:d7:15:5d:89:98:
50:47:87:d3:e6:a5:01:c7:0f:7e:e9:b2:6e:8c:ee:
8b:f5:1c:b8:ac:52:7d:8b:8a:60:ed:aa:1c:da:ab:
79:6b:0f:d3:23:ee:5a:b5:0b:e9:3c:c8:85:9f:2f:
9d:b7:5c:9a:85:1c:09:d3:66:10:f0:d6:c2:cd:f9:
1b:9e:7b:6d:63:ad:d0:a9:ea:48:54:9c:ca:86:ca:
a8:f7:ad:54:fe:bd:ef:16:69:30:27:f6:46:44:bc:
08:64:be:40:ca:a5:e5:42:ff:2f:b3:4f:0b:3e:bc:
30:ee:49:75:2f:4d:59:61:1c:7e:ff:db:9b:40:06:
2b:20:25:c1:ab:de:31:42:1f:c9:26:44:4d:09:97:
d3:58:80:4d:39:b4:58:27:46:01:41:e7:64:57:a7:
30:a1:6e:f7:18:17:f8:01:3b:af:30:52:43:03:66:
16:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:48:FD:FE:69:21:59:9B:8A:D9:EC:03:0C:B9:F5:19:F8:5C:00:CF
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ykj9_mkhWZuK2ewDDLn1GfhcAM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.23.0/24
Signature Algorithm: sha256WithRSAEncryption
69:83:cd:34:5a:ad:27:d2:2a:a2:f5:84:aa:f6:08:91:cc:e7:
26:b7:8a:3a:a5:25:09:c9:90:cc:cc:96:11:47:ad:b7:3b:0d:
53:ed:a0:e3:cd:de:ce:02:4d:40:ca:dc:84:79:84:89:8f:50:
b1:7f:0c:e0:a8:bd:1c:76:33:da:6f:6b:9a:38:ec:91:92:8a:
87:a0:0f:da:c5:f3:6e:a0:9a:9f:5e:7b:22:7c:ce:d7:e4:af:
c4:9b:51:92:a9:a1:38:1d:d5:2d:e8:9a:87:2c:7e:ea:cb:36:
e9:2c:98:c5:ee:02:98:34:b8:b4:61:fc:a3:46:d0:62:16:ef:
85:d9:d0:38:ec:1f:74:d5:15:3f:38:ab:18:89:fe:2c:d2:1d:
f1:7e:3b:0e:57:32:61:33:f1:29:6a:7c:07:4b:c1:5f:94:ae:
e5:37:38:85:03:5d:96:d7:fc:2c:cc:37:d5:5d:9f:d5:f1:c9:
72:fe:3b:ba:e1:da:e2:de:bb:b7:a7:cc:1c:6a:5d:8a:89:2d:
e3:14:90:1d:c6:8c:99:15:9d:a1:73:77:e6:3d:9e:79:36:ac:
91:a6:63:46:fd:39:b9:3d:24:4a:7c:5f:e8:ce:ca:73:6a:3a:
7a:11:31:82:1f:ad:92:9a:c9:d9:03:26:c4:82:69:32:0a:44:
34:c7:bd:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFARToHI47Orwbm+oMl/+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTQ4ZmRmZTY5MjE1OTliOGFkOWVjMDMwY2I5ZjUxOWY4NWMwMGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvrVaGQ+8xquqXeEKzFptZKdbwTk
0dMygukh5v3YA9T/pSc/4Sbhpvjwgo4ju8bMiN9lmUN5KnslZcngR6DDew6CPAl9
EnR9lfNLENSd92mBo8UY1xVdiZhQR4fT5qUBxw9+6bJujO6L9Ry4rFJ9i4pg7aoc
2qt5aw/TI+5atQvpPMiFny+dt1yahRwJ02YQ8NbCzfkbnnttY63QqepIVJzKhsqo
961U/r3vFmkwJ/ZGRLwIZL5AyqXlQv8vs08LPrww7kl1L01ZYRx+/9ubQAYrICXB
q94xQh/JJkRNCZfTWIBNObRYJ0YBQedkV6cwoW73GBf4ATuvMFJDA2YWfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMpI/f5pIVmbitnsAwy59Rn4XADPMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEveWtqOV9ta2hXWnVLMmV3RERMbjFHZmhjQU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSQXMA0G
CSqGSIb3DQEBCwUAA4IBAQBpg800Wq0n0iqi9YSq9giRzOcmt4o6pSUJyZDMzJYR
R623Ow1T7aDjzd7OAk1AytyEeYSJj1CxfwzgqL0cdjPab2uaOOyRkoqHoA/axfNu
oJqfXnsifM7X5K/Em1GSqaE4HdUt6JqHLH7qyzbpLJjF7gKYNLi0YfyjRtBiFu+F
2dA47B901RU/OKsYif4s0h3xfjsOVzJhM/EpanwHS8FflK7lNziFA12W1/wszDfV
XZ/V8cly/ju64dri3ru3p8wcal2KiS3jFJAdxoyZFZ2hc3fmPZ55NqyRpmNG/Tm5
PSRKfF/ozspzajp6ETGCH62SmsnZAybEgmkyCkQ0x71F
-----END CERTIFICATE-----
Generated at Tue Feb 13 17:34:58 2024 by rpki-client on console-fra.rpki-client.org